Skip to main content
Echelon
Graph
Product
Directory
Enterprise
Compliance
Pulse
Exposures
AI Analyst
Compare
Docs
Login
Start Free
Pulse
›
Vendor Advisories
›
Microsoft Security Response Center (MSRC)
›
CVE-2026-40393
CVE-2026-40393
High
CVSS
8.1
In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party, and is then used for alloca.
Vendor
Microsoft Security Response Center (MSRC)
Published
June 2, 2026
Last Modified
—
🔗 CVE IDs covered (1)
CVE-2026-40393 →